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(54) Method and system for distributing programs using tamper resistant processor 



(57) A scheme for distributing executable programs 
through a network from a program distribution device to 
a client device having a tamper resistant processor 
which is provided with a unique secret key and a unique 
public key corresponding to the unique secret key in ad- 
vance is disclosed. In this scheme, a first communica- 
tion path is set up between the program distribution de- 



vice and the client device, and a second communication 
path directly connecting the program distribution device 
and the tamper resistant processor is set up on the first 
communication path. Then, the encrypted program is 
transmitted from the program distribution device to the 
tamper resistant processor through the second commu- 
nication path. 
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Description 

BACKGROUND OF THE INVENTION 
FIELD OF THE INVENTION 

[0001] The present invention relates to a method and 
a system for distributing encrypted executable pro- 
grams through a public networksuch as Internet to hard- 
ware devices with built-in microprocessors such as PCs. 

DESCRIPTION OF THE BACKGROUND ART 

[0002] In recent years, the performance of a micro- 
processor has improved considerably such that the mi- 
croprocessor is capable of realizing reproduction and 
editing of video images and audio sounds, in addition to 
the conventional functions such as computations and 
graphics. By implementing such a microprocessor in a 
system designed for end-user (which will be referred to 
as PC hereafter), the users can enjoy various video im- 
ages and audio sounds on monitors. Also, by combing 
the function for reproducing video images and audio 
sounds with the computational power of the PC, the ap- 
plicability to games or the like can be improved. Such a 
microprocessor is not designed for any specific hard- 
ware and can be implemented in a variety of hardwares 
so that there is an advantage that the users who already 
possess PCs can enjoy reproduction and editing of vid- 
eo images and audio sounds inexpensively by simply 
changing a microprocessor for executing programs. 
[0003] In the case of handling video images and audio 
sounds on PCs, there arises a problem of a protection 
of the copyright of original images or music. In the MD 
or digital video playback devices, unlimited copies can 
be prevented by implementing a mechanism for pre- 
venting the illegal copying in these devices in advance. 
It is rather rare to attempt the illegal copying by disas- 
sembling and altering these devices, and even if such 
devices are made, there is a worldwide trend for prohib- 
iting the manufacturing and sales of devices altered for 
the purpose of illegal copying by laws. Consequently, 
damages due to the hardware based illegal copying are 
not very serious. 

[0004] However, image data and music data are ac- 
tually processed on the PC by the software rather than 
the hardware, and the end-user can freely alter the soft- 
ware on the PC. Namely, if the user has some level of 
knowledge, it is quite feasible to carry out the illegal cop- 
ying by analyzing programs and rewriting the executa- 
ble software. In addition, there is a problem that the soft- 
ware for illegal copying so produced can be spread very 
quickly through media such as networks, unlike the 
hardware. 

[0005] In order to resolve these problems, there are 
propositions of a microprocessor having a function for 
preventing the analysis and the alteration of programs 
(R. Hartman, U.S. Patent No. 5,224,166; T. Gilmont, et 



al. f "Hardware Security for Software Privacy Support 11 , 
Electronic Letters, Vol. 35, No. 24, pp. 2096-2098, No- 
vember 1999; M. Hashimoto, et al., Japanese Patent 
Application No. 2000-135010). In particular, in the mi- 
5 croproccessor proposed by Japanese Patent Applica- 
tion No. 2000-1 3501 0, programs are protected from the 
analysis and the alteration by encrypting all of instruc- 
tions, execution states and data which are three types 
of elements constituting programs in the multi-task en- 
vironment. 

[0006] In these microprocessors, a secret key and a 
decryption function using the secret key are provided 
inside the processor such that encrypted programs can 
be read from an external processor, decrypted and ex- 
ecuted either directly or indirectly by using a public key 
corresponding to the secret key. Using these microproc- 
essors, the analysis and the alteration of programs can 
be made considerably more difficult in principle, com- 
pared with the tamper resistant software technique. A 
microprocessor having this function will be referred to 
as a tamper resistant microprocessor in the following. 
[0007] Now, in the case of using these processors, 
programs must be provided from program vendors in a 
state of being encrypted by using a public key of the 
processor either directly or indirectly. However, there is 
no known scheme for realizing such a program distribu- 
tion safely. 

SUMMARY OF THE INVENTION 

[0008] It is therefore an object of the present invention 
to provide a program distribution device capable of dis- 
tributing programs to a client side device through a net- 
work safely. 

[0009] It is another object of the present invention to 
provide a client side devices capable of receiving pro- 
grams distributed through a network safely. 
[0010] It is another object of the present invention to 
provide a program distribution system capable of dis- 
tributing programs through a network safely. 
[0011] It is another object of the present invention to 
provide a method for distributing programs through a 
public network safely. 

[0012] According to one aspect of the present inven- 
tion there is provided a program distribution device for 
distributing executable programs through a network to 
a client device having a tamper resistant processor 
which is provided with a unique secret key and a unique 
public key corresponding to the unique secret key in ad- 
vance, the program distribution device comprising: a 
first communication path set up unit configured to set up 
a first communication path between the program distri- 
bution device and the client device; a second commu- 
nication path set up unit configured to set up a second 
communication path directly connecting the program 
distribution device and the tamper resistant processor, 
on the first communication path; an encryption process- 
ing unit configured to produce an encrypted program by 
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encrypting an executable program to be distributed to 
the client device; and a transmission unit configured to 
transmit the encrypted program to the tamper resistant 
processor through the second communication path. 
[001 3] According to another aspect of the present in- 
vention there is provided a client device for receiving 
programs distributed from a program distribution device 
through a network, the client device comprising: a 
tamper resistant processor which is provided with a 
unique secret key and a unique public key correspond- 
ing to the unique secret key in advance; a first commu- 
nication path set up unit configured to set up a first com- 
munication path between the program distribution de- 
vice and the client device; a second communication path 
set up unit configured to set up a second communication 
path directly connecting the program distribution device 
and the tamper resistant processor, on the first commu- 
nication path; and a program receiving unit configured 
to receive an encrypted program from the program dis- 
tribution device through the second communication 
path. 

[0014] According to another aspect of the present in- 
vention there is provided a program distribution system, 
comprising: a program distribution device connected to 
a network, for distributing executable programs through 
the network; and a client device connected to the net- 
work, for receiving the executable programs distributed 
from the program distribution device through the net- 
work; wherein the client device has: a tamper resistant 
processor which is provided with a unique secret key 
and a unique public key corresponding to the unique se- 
cret key in advance; a client side first communication 
path set up unit configured to set up a first communica- 
tion path between the program distribution device and 
the client device; a client side second communication 
path set up unit configured to set up a second commu- 
nication path directly connecting the program distribu- 
tion device and the tamper resistant processor, on the 
first communication path; and a program receiving unit 
configured to receive an encrypted program from the 
program distribution device through the second commu- 
nication path; and the program distribution device has: 
a server side first communication path set up unit con- 
figured to set up the first communication path between 
the program distribution device and the client device; a 
server side second communication path set up unit con- 
figured to set up the second communication path directly 
connecting the program distribution device and the 
tamper resistant processor, on the first communication 
path; an encryption processing unit configured to pro- 
duce the encrypted program by encrypting an executa- 
ble program to be distributed to the client device; and a 
transmission unit configured to transmit the encrypted 
program to the tamper resistant processor through the 
second communication path. 

[001 5] According to another aspect of the present in- 
vention there is provided a method for distributing exe- 
cutable programs through a networkfrom a program dis- 



tribution device to a client device having a tamper re- 
sistant processor which is provided with a unique secret 
key and a unique public key corresponding to the unique 
secret key in advance, the method comprising the steps 

s of: setting up a first communication path between the 
program distribution device and the client device; setting 
up a second communication path directly connecting the 
program distribution device and the tamper resistant 
processor, on the first communication path; producing 

10 an encrypted program by encrypting an executable pro- 
gram to be distributed to the client device, at the pro- 
gram distribution device; and transmitting the encrypted 
program from the program distribution device to the 
tamper resistant processor through the second commu- 

15 nication path. 

[0016] Other features and advantages of the present 
invention will become apparent from the following de- 
scription taken in conjunction with the accompanying 
drawings. 

20 

BRIEF DESCRIPTION OF THE DRAWINGS 

[0017] Fig. 1 is a block diagram showing a configura- 
tion of a program distribution system according to one 
25 embodiment of the present invention. 

[0018] Fig. 2 is a sequence chart for a program distri- 
bution operation sequence in the program distribution 
system of Fig. 1. 

[001 9] Fig. 3 is a flow chart for a processi ng procedure 
30 of a client device in the operation sequence of Fig. 2. 
[0020] Fig. 4 is a flow chart for a processing procedure 
of a program distribution device (server) in the operation 
sequence of Fig. 2. 

[0021 ] Fig . 5 is a flow chart for a processi ng procedu re 
35 of a microprocessor in the operation sequence of Fig. 2. 

DETAILED DESCRIPTION OF THE PREFERRED 
EMBODIMENTS 

40 [0022] First, the major features of the present inven- 
tion will be described briefly. 

[0023] The present invention provides a program dis- 
tribution device for distributing executable programs 
through a network to a client device with a built-in tamper 
45 resistant microprocessor, where the microprocessor is 
provided with a unique secret key and a unique public 
key corresponding to this secret key in advance. This 
program distribution device has an encryption process- 
ing unit which encrypts a program by using a unique 
50 public key that is sent from the microprocessor of the 
client device, or encrypts a program by using arbitrary 
ciphering key and encrypts this ciphering key by using 
a unique public key that is sent from the microprocessor 
of the client device. The encrypted ciphering key is then 
55 distributed to the client device along with the encrypted 
program. 

[0024] In the program distribution method of the 
present invention, a first communication path is set up 
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to the program distribution device from the client device 
through a network. Then, a second communication path 
for directly connecting the microprocessor to the pro- 
gram distribution device is set up on the first communi- 
cation path. The unique public key is sent from the mi- 
croprocessor to the program distribution device through 
the second communication path. This public key sent 
through the network is received at the program distribu- 
tion device and a program is encrypted by the program 
distribution device. The encrypted program is then di- 
rectly send to the microprocessor of the client device 
through the second communication path. 
[0025] The program distributed in this way is either 
encrypted by the unique public key of the microproces- 
sor of the client device, or encrypted by a common key 
and this common key is encrypted by the unique public 
key of the microprocessor. The program is directly trans- 
mitted to the microprocessor without being intercepted 
by any computer and can be decrypted only by the mi- 
croprocessor which has the unique secret key corre- 
sponding to this public key. In this way, it is possible to 
prevent the illegal decryption by a third party effectively. 
[0026] Referring now to Fig. 1 to Fig. 5, one embodi- 
ment of the program distribution system according to the 
present invention will be described in detail. 
[0027] Fig. 1 shows a program distribution system 90 
according to this embodiment, which is basically de- 
signed to distribute programs to a computer system with 
a built-in tamper resistant microprocessor. Consequent- 
ly, the executable program to be distributed is either di- 
rectly encrypted by using a key unique to the microproc- 
essor or encrypted by using arbitrary common key and 
the common key itself is encrypted by using a key 
unique to the microprocessor and attached to the exe- 
cutable program. In this case, it is impossible to distrib- 
ute programs by using copies of an identical program 
recording medium such as mass produced CD-ROMs, 
so that programs are distributed through a network. 
[0028] The program distribution system 90 of Fig. 1 
includes a network 95, a program distribution device 93 
connected to the network 95 for distributing executable 
programs through the network 95, and a client device 
91 connected to the network 95 for receiving the exe- 
cutable programs distributed from the program distribu- 
tion device 93 through the network 95. 
[0029] The program distribution device 93 has a first 
communication path set up unit 932 for setting up a first 
communication path between the program distribution 
device 93 and the client device 91 , a user authentication 
unit 933 for carrying out a user authentication of a user 
who uses the client device 91 through the first commu- 
nication path, a second communication path set up unit 

934 for setting up a second communication path that is 
directed connected to the microprocessor provided in- 
side the client device 9 1 , a processor authentication u n it 

935 for verifying the authenticity of the microprocessor 
901 of the client device 91 through the second commu- 
nication path, a program encryption processing unit 936 



for producing an encrypted program by encrypting an 
executable program by using a ciphering key corre- 
sponding to the microprocessor of the client device 91 , 
a network interface 931 for distributing the encrypted 

5 program to the client device 91 through the second com- 
munication path, and a charging processing unit 937. 
[0030] The client device 91 has a microprocessor 901 
in which unique secret key and public key are provided 
in advance, a network interface 903, a first communica- 
te tion path set up unit 905 for setting up the first commu- 
nication path between the client device 91 and the pro- 
gram distribution device 93, a user authentication unit 
91 0 for transmitting a user ID of the user who uses the 
client device 91 through the first communication path, a 

15 second communication path set up unit 906 for setting 
up the second communication path that directly con- 
nects the microprocessor 901 to the program distribu- 
tion device 93, a certification unit 907 for transmitting to 
the program distribution device 93 a certificate certifying 

20 that the microprocessor 901 surely has the secret key 
and public key that are unique to this microprocessor 
901 alone, a program receiving unit 908 for receiving 
the encrypted executable program through the second 
communication path, a program transfer unit 909, and 

25 a charging processing authentication unit 912. 

[0031 ] The first and second communication paths can 
be set up on different channels of the same transmission 
line or on different transmission lines. The encrypted 
program is transmitted to the microprocessor 901 

30 through the second communication path that is directly 
connected to the microprocessor 901 after the authen- 
tication of the microprocessor 901 is carried out, so that 
the safety of the program distribution can be secured 
and the illegal act by the user can be prevented. 

35 [0032] The program distribution device (server) 93 
has a pair of a public key K'p and a secret key K's which 
are unique in the world, and non-encrypted program 
files that are original forms of the programs to be distrib- 
uted. On the other hand, the client device 91 has the 

40 microprocessor 901 in which a dedicated program for 
downloading programs through a network is provided. 
The downloading program can be provided at a time of 
purchasing the microprocessor 901 or a system contain- 
ing the microprocessor 901 , or distributed to each user 

45 individually by any method such as mailing. 

[0033] In the downloading program, information such 
as the public key Kp unique to the microprocessor 901 
and the certificate is embedded. More specifically, the 
certificate Cert certifying that the public key Kp of the 

50 microprocessor 901 corresponds to the actually existing 
microprocessor is stored in the downloading program. 
This certificate is provided for the purpose of preventing 
the user from acquiring the plaintext program contents 
illegally by acquiring the encrypted program using the 

55 known set of public key and secret key that are not cor- 
responding to the actual microprocessor 901 and de- 
crypting the encrypted program by using the known se- 
cret key. 
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[0034] The certificate contains the public key Kp, and 
a value S K c e r t [Kp] which is an electronic signature us- 
ing a key Kcert of the certificate authority on the public 
key Kp that is calculated in advance. The value of Kcert 
is managed secretly by the certificate authority and not s 
contained in the downloading program. By verifying the 
public key Kp and the signature S K c e r t [Kp] contained 
in the certificate by using the public key Kval for authen- 
tication, it is possible to prove that Kp is the proper public 
key assigned by the certificate authority such that the 
known set of keys cannot be used. 
[0035] This certificate may be provided inside the mi- 
croprocessor in advance. However, the safety can be 
improved further by storing the certificate with a valid 
period in the downloading program and selling the mi- 
croprocessor with the downloading program. In this 
case, the downloading program storing the certificate 
that is regularly updated will be distributed to the pur- 
chaser of the microprocessor. 

[0036] The secret key Ks to be used in the download- 
ing process is encrypted and stored in a data region of 
the downloading program. A key necessary in decrypt- 
ing the encrypted secret key Ks is distributedly embed- 
ded in downloading program codes as constants. The 
secret key Ks to be used in the authentication process 
by the downloading program has the same value as the 
secret key Ks unique to the microprocessor 901 , but it 
is not obtained by reading the secret key Ks from the 
microprocessor 901 because the secret key Ks unique 
to the microprocessor 901 cannot be read out by pro- 
grams. 

[0037] In general, the certificate authority CA is uti- 
lized for proving that a given host has a specific public 
key. In the case of using the certificate authority in this 
system, a combination of the public key of the micro- 
processor 901 and the user (purchaser) is registered to 
the certificate authority either at a time of purchasing the 
microprocessor 901 or later on by on-line processing. In 
this case, the verification of the certificate by the pro- 
gram distribution device 93 can be omitted. 
[0038] However, the use of the certificate authority in- 
troduces an inconvenience for the user in that the user 
must register the purchased microprocessor 901 to the 
certificate authority. Forthis reason, in this embodiment, 
the encrypted certificate is stored in the downloading 
program such that the authentication can be carried out 
by the program distribution device 93 and the client de- 
vice 91 alone. 

[0039] Note that, in this embodiment, it is assumed 
that the program distribution device 93 is trustworthy so 
that the program distribution device 93 does not commit 
any illegal act such as stealing the certificate, and the 
fact that the program distribution device 93 has a pair of 
keys K'p and K's that are unique in the world is acknowl- 
edged by the certificate authority or the like in advance. 
[0040] Fig. 2 shows an operation sequence for the 
program distribution processing in the program distribu- 
tion system 90 of Fig. 1. In the following, the program 



distribution device 93 is also referred to as server 93. 
[0041] In the operation sequence of Fig. 2, a safe first 
communication path is set up between the client device 
91 and the server 93 by the first communication path set 
up units of the respective devices (step 1001). More 
specifically, a communication start request is send from 
the client device 91 to the server 93 through the network 
95, and the key sharing is earned out in order to maintain 
the communication path in secret. This can be realized 
by the known key sharing protocol or DH (Diffie Hell- 
man) scheme. The subsequent communications be- 
tween the client device 91 and the server 93 will be car- 
ried out through this communication path that is set up 
in the network 95 in this way and that is safe against 
eavesdropping. 

[0042] After the first communication path is set up, the 
client device 91 requests a file (program) to be down- 
loaded to the server 93 (step 1 002), and the server 93 
carries out the authentication and the charging process- 
ing on the user level with the client device 91 . In order 
to protect secrets of the processing from the user in the 
downloading process, at least a part of the downloading 
sequence at the client device 91 described below will 
be executed by using encrypted codes. Here, a part to 
be executed by using encrypted codes will be described 
as operations of the microprocessor 901 . 
[0043] Then, a safe second communication path for 
directly connecting the microprocessor 901 of the client 
device 91 and the server 93 is set up on the first com- 
munication path (step 1003). 

[0044] In the present invention, in order to prevent the 
user from illegally acquiring a part of data processed in 
the downloading process, not only codes but also data 
to be placed on a memory during the processing are de- 
scribed in forms that are difficult for the user to read and 
comprehend in the downloading program. Furthermore, 
the cipher communication using the secret key is carried 
out between the server 93 and the microprocessor 901 
at the step 1003 in order to improve the protection 
against the user's illegal act. 

[0045] This measure is taken because, if the secret 
key sharing is not employed, there is a possibility forthe 
user's illegal act to acquire the encrypted program by 
substituting a fake public key into the public key Kp of 
the microprocessor 901 in the communication message 
between the server 93 and the microprocessor 901 and 
obtain the plaintext program by decrypting the encrypt- 
ed program by using the known secret key correspond- 
ing to the fake public key. By enciphering the communi- 
cations between the server 93 and the microprocessor 
901 by using the secret key, it becomes possible to pre- 
vent the user's illegal act as described above. Hereafter, 
the communication between the microprocessor 901 
and the server 93 implies the protected communication 
which is enciphered by using a ciphering key shared by 
the tamper resistant program on the microprocessor 
901 and the server 93. 

[0046] After the safe second communication path is 
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set up, the microprocessor 901 and the server 93 carry 
out the mutual authentication. Namely, the microproc- 
essor 901 generates a random number Rc as a chal- 
lenge with respect to the server 93 and transmits this 
random number Rc along with the public key Kp unique 
to the microprocessor 901 , to the server 93 through the 
second communication path (step 1004). Upon receiv- 
ing the challenge, the server 93 transmits a signature 
S K . S [Rc] obtained by encrypting the random number 
Rc by using the secret key K's of the server 93 along 
with a challenge Rs of the server 93 and the public key 
K'p of the server 93, to the microprocessor 901 (step 

1 005) . Note that in Fig. 2, S K . s [Rc] is denoted as S[Rc] 
(K's) and the similar notations are used for the other sim- 
ilar expressions. 

[0047] The microprocessor 901 checks whether the 
signature S K . S [Rc] transmitted from the server 93 co- 
incides with V K . p [Rc] obtained by hashing Rc by using 
the public key K'p of the server 93. If they do not coin- 
cide, the authentication of the server 93 is a failure so 
that the subsequent processing is aborted. If the authen- 
tication is a success, a response S K s [Rs] is calculated 
from the challenge Rs of the server 93 and transmitted 
along with the certificate E[Cert] to the server 93 (step 

1006) . 

[0048] The server 93 compares the response S Ks 
[Rs] with V Kp [Rs], and aborts the processing if they do 
not coincide. If they coincide, V K va , [Kp] is calculated 
from the public key Kp of the microprocessor 901 and 
the public key Kval of the certificate authority, and com- 
pared with S K c e r t [Kp] corresponding to the public key 
obtained from the certificate Cert. If they do not coincide, 
the verification is a failure so that the processing is 
aborted. If they coincide, the certificate Cert is obtained 
by decrypting E K . p [Cert] and verified. If the verification 
fails, the processing is aborted. 

[0049] If the verification succeeds so that the fact that 
the microprocessor 901 has the public key Kp is con- 
firmed by the certificate, the server 93 produces the en- 
crypted program E Kp [Prog] from the executable pro- 
gram by using the public key Kp of the microprocessor 
901. At this point, the code section of the program is 
encrypted by using the public key Kp of the microproc- 
essor 901 . In this encryption, the ".text" section of the 
program itself is encrypted by the MAT(lmport Address 
Table)" section of the jump table is left in a form of plain- 
text. 

[0050] The server 93 then transmits the encrypted 
program E Kp [Prog] and a signature S K . S [E Kp [Prog]] 
obtained by using the secret key K's of the server 93 to 
the microprocessor 901 through the second communi- 
cation path (step 1007). These encrypted program and 
signature are transmitted through the second commu- 
nication path that is established directly between the mi- 
croprocessor 901 and the server 93 so that the client 
device 91 cannot eavesdrop them. 
[0051 ] When the receiving of the program is complet- 
ed, the microprocessor 901 notifies the downloading 



completion to the client device 91 (step 1008). The client 
device 91 then requests the charging processing to the 
server 93, and the server 93 transmits a receipt Rcpt, a 
signature S K . s [Rcpt] for the receipt obtained by using 

5 the secret key K's of the server 93, and the signature 
S K . s [E K p [Prog]] for the program to the client device 91 
(step 1 009). The client device 91 preserves the received 
receipt and its signature, while sending the signature 
s K's t E Kp [ Pro 9J] for tne program received from the 

10 server 93 to the microprocessor 901 (step 1010). 

[0052] The microprocessor 901 verifies the signature 
s k ■ s f e k p [ pro 9H f° r tne program received from the cli- 
ent device 91 by using the public key K'p of the server 
93, and if it is proper, the microprocessor 901 gives the 

is encrypted executable program E K p [Prog] to the client 
device 91 (step 1011). Upon receiving the encrypted ex- 
ecutable program E Kp [Prog], the client device 91 car- 
ries out the termination processing for the communica- 
tion channel with respect to the server 93 (step 1012). 

20 [0053] Thereafter, the microprocessor 901 executes 
the encrypted program in a prescribed manner. 
[0054] Fig. 3 shows the processing procedure of the 
client device 91 in the operation sequence of Fig. 2. This 
processing procedure is substantially as already ex- 

25 plained with reference to Fig. 2, and proceeds as fol- 
lows. 

[0055] First, the first communication path is set up be- 
tween the client device 91 and the server 93 (step 1101). 
Then, the program downloading request is made with 

30 respect to the server 93, and the authentication process- 
ing as described above is carried out (step 1103). Then 
the authentication between the microprocessor 901 and 
the server 93 is carried out and a transfer of the program 
to the microprocessor 901 is carried out (step 1105). 

35 Then, the receiving completion notice is received from 
the microprocessor 901 (step 1107), the charging 
processing is carried out with the server 93 (step 1 1 09), 
and the receipt and the signature are received from the 
server 93 8step 1111). Then, the signature are given to 

40 the microprocessor 901 (step 1113), the encrypted pro- 
gram is received from the microprocessor 901 (step 
1115), and the communication channel between the cli- 
ent device 91 and the server 93 is terminated (step 
1117). 

45 [0056] Fig. 4 shows the processing procedure of the 
server 93 in the operation sequence of Fig. 2, which pro- 
ceeds as follows. 

[0057] First, the first communication path is set up in 
response to the request from the client device 91 (step 

50 1 201 ). Then, the program downloading request from the 
client device 91 is received, and the authentication with 
the client is earned out for the purpose of charging or 
the like (step 1203). Then, the second communication 
path is set up between the server 93 and the microproc- 

55 essor 901 (step 1205), and the challenge Rc and the 
public key Kp are received from the microprocessor 901 
(step 1207). Then, the server side challenge Rs and the 
response S K . S [Rc] are generated and transmitted 
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along with the public key K'p of the server 93 to the mi- 
croprocessor 901 (step 1 209). Then, the response S K s 
[Rs] and the certificate E[Cert] are received from the mi- 
croprocessor 901 (step 1211), and S K s [Rs] and E[Cert] 
received from the microprocessor 901 are verified (step 5 
1213). When the verification fails, the processing is 
aborted. When the verification succeeds, the encrypted 
program and the signature corresponding to the micro- 
processor 901 are generated and transmitted to the mi- 
croprocessor 901 (step 1215), and the program transfer 
between the server 93 and the microprocessor 901 is 
terminated (step 1217). Then, the charging processing 
is carried out with respect to the client device 91 and the 
receipt and the signature are transmitted (step 1219), 
and the communication channel between the server 93 
and the client device 91 is terminated (step 1221). 
[0058] Fig. 5 shows the processing procedure of the 
microprocessor 901 in the operation sequence of Fig. 
2, which proceeds as follows. 

[0059] First, the second communication path between 
the microprocessor 901 and the server 93 is set up (step 
1301). Then, the challenge Rc is generated and trans- 
mitted along with the public key Kp unique to the micro- 
processor 901 , to the server 93 (step 1 303). When the 
transmission succeeds, the response S K . S [Rc], the 
challenge Rs and the public key K'p are received from 
the server 93 (step 1305). Then, whether the response 
is proper or not is Judged (step 1307). If it is improper 
the processing is aborted. If it is proper, the response 
with respect to the server 93 and the certificate corre- 
sponding to the server 93 are generated and transmitted 
(step 1309). Then, the encrypted program is received 
from the server 93 (step 1311 ), and when the receiving 
is completed, the downloading completion is notified to 
the client device 91 (step 1313). Then, the signature is 
received from the client device 91 (step 1315), and the 
signature is verified (step 1317). If the verification fails 
the processing is aborted. If the verification succeeds, 
the encrypted program is transferred to the client device 
91 (step 1319). 

[0060] In the operation sequence of Fig. 2, if the en- 
crypted program E[prog] cannot be acquired due to the 
abnormal finishing of the downloading program after the 
completion of the charging processing, the client has the 
right to download the program from the server 93 again 
according to the preserved receipt. In this case, the 
charging will not be carried out again, and the program 
other than the encrypted program for the microproces- 
sor 901 will not be acquired. 

[0061] Also, in the operation sequence of Fig. 2, the 
server 93 may use the common key for the encryption 
of the program instead of the public key of the micro- 
processor 901 . In this case, the server 93 selects the 
common key Kx and the encryption algorithm, encrypts 
the program by using the common key Kx, encrypts the 
common key Kx by using the public key unique to the 
microprocessor 901 , and transmits the program to the 
microprocessor 901 after enciphering the communica- 



tion between the server 93 and the microprocessor 901 . 
At this point, the server 93 may select the encryption 
algorithm from encryption algorithms that can be proc- 
essed by the microprocessor 901 , by adding a step for 
inquiring the encryption/decryption functions provided in 
the microprocessor 901 from the server 93 to the micro- 
processor 901 after the second communication path is 
set up. 

[0062] In this case, the throwaway common key for 
each program is used for decrypting the execution 
codes so that a key length can be made shorter and a 
size of the page table constructed in a memory of the 
client device 91 or a cache of the microprocessor 901 
can be made smaller. 

[0063] The downloading procedure as described 
above is also applicable to the handling of the secret 
information such as database or customer information. 
This downloading procedure can also be extended to be 
applicable to any music or video data other than the ex- 
ecutable program, where the only difference from the 
case of the prog ram will be that the program is encrypted 
in such a way that the program can be executed only by 
the target microprocessor in the case of the program. 
[0064] According to the program distribution system 
of the present invention, the encrypted program can be 
distributed from the program distribution device to the 
client device through the network safely and surely. Al- 
so, by using the tamper resistant downloading program 
to be executed at the microprocessor, the program 
downloading can be carried out directly between the 
program distribution device and the microprocessor 
safely and efficiently, without any intervention by a third 
party. 

[0065] Also, by recording the program code section in 
an encrypted form and storing the I AT region for directly 
referring to external programs in a non-encrypted plain- 
text form in a computer readable recording medium, the 
relocation can be carried out correctly at a time of the 
program execution. 

[0066] It is to be noted that the above embodiment is 
described for an exemplary case of using a tamper re- 
sistant microprocessor, but it should be apparent that 
the present invention is equally applicable to the case 
of using a tamper resistant processor in general. 
[0067] it is also to be noted that, besides those al- 
ready mentioned above, many modifications and varia- 
tions of the above embodiments may be made without 
departing from the novel and advantageous features of 
the present invention. Accordingly, ail such modifica- 
tions and variations are intended to be included within 
the scope of the appended claims. 



Claims 

1 . A program distribution device for distributing exe- 
cutable programs through a network to a client de- 
vice having a tamper resistant processor which is 
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provided with a unique secret key and a unique pub- 
lic key corresponding to the unique secret key in ad- 
vance, the program distribution device comprising: 

a first communication path set up unit config- 
ured to set up a first communication path be- 
tween the program distribution device and the 
client device; 

a second communication path set up unit con- 
figured to set up a second communication path 
directly connecting the program distribution de- 
vice and the tamper resistant processor, on the 
first communication path; 
an encryption processing unit configured to 
produce an encrypted program by encrypting 
an executable program to be distributed to the 
client device; and 

a transmission unit configured to transmit the 
encrypted program to the tamper resistant 
processor through the second communication 
path. 

2. The program distribution device of claim 1 , further 
comprising: 

a user authentication unit configured to carry 
out authentication of a user who is using the client 
device, by using a user ID of the user received from 
the client device through the first communication 
path. 

3. The program distribution device of claim 1 or 2, fur- 
ther comprising: 

a processor authentication unit configured to 
carry out authentication of the tamper resistant 
processor, by verifying a certificate certifying that 
the tamper resistant processor surely has the 
unique secret key and the unique public key, which 
is received from the client device through the sec- 
ond communication path. 

4. The program distribution device of claim 1,2 or 3, 
wherein the encryption processing unit encrypts the 
executable program by using the unique public key 
received from the tamper resistant processor 
through the second communication path. 

5. The program distribution device of claim 1 , 2 or 3, 
wherein the encryption processing unit encrypts the 
executable program by using a common key, and 
encrypts the common key by using the unique pub- 
lic key received from the tamper resistant processor 
through the second communication path; and 

the transmission unit transmits the encrypted 
program along with an encrypted common key to 
the tamper resistant processor through the second 
communication path. 

6. The program distribution device according to any 



one of claims 1 -5, wherein communications through 
the second communication path are cipher commu- 
nications. 

5 7. A client device for receiving programs distributed 
from a program distribution device through a net- 
work, the client device comprising: 

a tamper resistant processor which is provided 
10 with a unique secret key and a unique public 

key corresponding to the unique secret key in 
advance; 

a first communication path set up unit config- 
ured to set up a first communication path be- 
15 tween the program distribution device and the 

client device; 

a second communication path set up unit con- 
figured to set up a second communication path 
directly connecting the program distribution de- 
20 vice and the tamper resistant processor, on the 

first communication path; and 
a program receiving unit configured to receive 
an encrypted program from the program distri- 
bution device through the second communica- 
25 tion path. 

8. The client device of claim 7, further comprising: 

a user authentication unit configured to carry 
out authentication of a user who is using the client 
30 device with respect to the program distribution de- 
vice, by transmitting a user ID of the user to the pro- 
gram distribution device through the first communi- 
cation path. 

35 9. The client device of claim 7 or 8, further comprising: 
a certification unit configured to carry out au- 
thentication of the tamper resistant processor with 
respect to the program distribution device, by trans- 
mitting a certificate certifying that the tamper resist- 

40 ant processor surely has the unique secret key and 
the unique public key, through the second commu- 
nication path. 

10. The client device of claim 7, 8 or 9, wherein the pro- 
45 gram receiving unit receives the encrypted program 

which is encrypted by using the unique public key 
notified from the tamper resistant processor to the 
program distribution device through the second 
communication path. 

50 

1 1 . The client device of claim 7, 8 or 9, wherein the pro- 
gram receiving unit receives the encrypted program 
which is encrypted by using a common key, and an 
encrypted common key which is encrypted by using 

55 the unique public key notified from the tamper re- 
sistant processor to the program distribution device 
through the second communication path. 
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1 2. The client device of any one of claims 7-1 1 , wherein 
communications through the second communica- 
tion path are cipher communications. 

13. A program distribution system, comprising: 

a program distribution device connected to a 
network, for distributing executable programs 
through the network; and 
a client device connected to the network, for re- 
ceiving the executable programs distributed 
from the program distribution device through 
the network; 

wherein the client device has: 

a tamper resistant processor which is pro- 
vided with a unique secret key and a 
unique public key corresponding to the 
unique secret key in advance; 
a client side first communication path set 
up unit configured to set up a first commu- 
nication path between the program distri- 
bution device and the client device; 
a client side second communication path 
set up unit configured to set up a second 
communication path directly connecting 
the program distribution device and the 
tamper resistant processor, on the first 
communication path; and 
a program receiving unit configured to re- 
ceive an encrypted program from the pro- 
gram distribution device through the sec- 
ond communication path; 
and the program distribution device has: 

a server side first communication path 
set up unit configured to set up the first 
communication path between the pro- 
gram distribution device and the client 
device; 

a server side second communication 
path set up unit configured to set up 
the second communication path di- 
rectly connecting the program distribu- 
tion device and the tamper resistant 
processor, on the first communication 
path; 

an encryption processing unit config- 
ured to produce the encrypted pro- 
gram by encrypting an executable pro- 
gram to be distributed to the client de- 
vice; and 

a transmission unit configured to 
transmit the encrypted program to the 
tamper resistant processor through 
the second communication path. 

14. A method for distributing executable programs 



through a network from a program distribution de- 
vice to a client device having a tamper resistant 
processor which is provided with a unique secret 
key and a unique public key corresponding to the 
unique secret key in advance, the method compris- 
ing the steps of: 

setting up a first communication path between 
the program distribution device and the client 
device; 

setting up a second communication path direct- 
ly connecting the program distribution device 
and the tamper resistant processor, on the first 
communication path; 

producing an encrypted program by encrypting 
an executable program to be distributed to the 
client device, at the program distribution de- 
vice; and 

transmitting the encrypted program from the 
program distribution device to the tamper re- 
sistant processor through the second commu- 
nication path. 

1 5. The method of claim 1 4, further comprising the step 
of: 

carrying out authentication of a user who is 
using the client device, by using a user ID of the 
user received from the client device through the first 
communication path. 

16. The method of claim 14 or 15, further comprising 
the step of: 

carrying out authentication of the tamper re- 
sistant processor, by verifying a certificate certifying 
that the tamper resistant processor surely has the 
unique secret key and the unique public key, which 
is received from the client device through the sec- 
ond communication path. 

The method of claim 14, 15 or 16, wherein the pro- 
ducing step encrypts the executable program by us- 
ing the unique public key received from the tamper 
resistant processor through the second communi- 
cation path. 

The method of claim 14, 15 or 1 6, wherein the pro- 
ducing step encrypts the executable program by us- 
ing a common key, and encrypts the common key 
by using the unique public key received from the 
tamper resistant processor through the second 
communication path; and 

the transmitting step transmits the encrypted 
program along with an encrypted common key to 
the tamper resistant processor through the second 
communication path. 

19. The method of any one of claims 14-18, wherein 
communications through the second communica- 
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